Technology giants will be forced to have a “duty of care” for their users, if a proposal announced by the government on Monday becomes law.

The proposal—a “white paper,” in UK legal parlance, which is one of the first stages of a formal government policy—is, on the surface at least, sweeping in scope and is a serious shot across the bows for big tech companies. But it has also raised some serious concerns about how it will be implemented and the possible consequences it might have on citizens' free speech.

Aiming to tackle well-defined harms such as hate crime, stalking, and terrorist activity alongside issues such as trolling and disinformation, the UK government proposes combining work done across eight or more separate regulators into one.

Sign up for The Download

- Your daily dose of what's up in emerging technology

Stay updated on MIT Technology
Review initiatives and events?

YesNo

This new "super-regulator" could have powers to fine technology companies according to their revenue, or even to block them. It could also be able to prosecute individual executives. The proposed body could be funded either by an industry levy or from the proceeds of any enforcement fines it imposed.

The proposals have raised interest among academics and observers, and alarm among privacy campaigners. The former note that while the document is scant on details despite being tens of thousands of words long, it sets out a clear direction in a way few countries have been willing to do.

But the latter fear that the way it is implemented could easily lead to censorship for users of social networks rather than curbing the excesses of the networks themselves. Such impressions were not helped when Home Secretary Sajid Javid endorsed the concept, at least, of pre-moderating content before it was published. “The government’s proposals would create state regulation of the speech of millions of British citizens,” says Jim Killock, executive director of digital privacy advocates, Open Rights Group.

According to Eric Kind, a surveillance consultant and lecturer, the UK proposals affirm a duty of care to users as “the central idea and rallying call under which a variety of policy options are sitting.” This would represent something significantly new for the technology companies.

The plans also shift the government view away from any idea that the technology industry is somehow stateless or ungovernable—judging instead, likely rightly, that the UK market is large and wealthy enough to give the industry a powerful interest in complying even with legislation they loathed.

Where the plans run aground, though, is in implementation. All the complexities are punted—either to later legislative stages, to the regulator, or to the technology giants themselves. There is little to no attempt to define “harms,” or to work out precise sanctions. Where the report attempts to be moderate—for example, saying a new regulator would have to be mindful of “innovation”—it doesn’t set out what that means.

For some, that vagueness is alarming. The UK already has some of the strongest laws in the world—via the Investigatory Powers Act—on accessing and surveilling internet users and gaining their data from suppliers.

Given the weakness of the UK government and Prime Minister Theresa May’s (likely) impending resignation, this white paper in its present form is unlikely to become law. But it could serve as a lodestone to regulators in the UK and elsewhere. The course it represents is likely to be embraced by whichever government succeeds this one.

For good or for ill, this could represent a new direction for the internet, at least in Europe. For the US, with its First Amendment, we can expect the story to go very differently.